package x.trident.core.security.config;

import cn.hutool.core.text.CharSequenceUtil;
import cn.hutool.core.util.ArrayUtil;
import x.trident.core.security.api.SecurityConfigApi;
import x.trident.core.security.api.constants.SecurityConstants;

import java.util.ArrayList;
import java.util.List;

/**
 * 默认实现配置
 *
 * @author jason.yan
 * @date 2022/6/30
 */
public class DefaultSecurityConfigImpl implements SecurityConfigApi {

    /**
     * 获取XSS过滤的url范围
     */
    @Override
    public String[] getUrlPatterns() {
        String xssUrlIncludes = SecurityConstants.DEFAULT_XSS_PATTERN;
        List<String> split = CharSequenceUtil.split(xssUrlIncludes, ',');
        return ArrayUtil.toArray(split, String.class);
    }

    /**
     * 获取XSS排除过滤的url范围
     */
    @Override
    public List<String> getUrlExclusion() {
        String noneSecurityUrls = "";
        if (CharSequenceUtil.isEmpty(noneSecurityUrls)) {
            return new ArrayList<>();
        } else {
            return CharSequenceUtil.split(noneSecurityUrls, ',');
        }
    }
}
